SuSE Essential and Critical Security Patch Updates - Page 780
Find the information you need for your favorite open source distribution.
The IMAP-code of mutt is vulnerable to a buffer overflow that can be exploited by a malicious IMAP-server to crash mutt or even execute arbitrary code with the privileges of the user running mutt.
A buffer overflow vulnerability in the ELF format parsing of the "file" command, which can be used to execute arbitrary code with the privileges of the user running the command, has been fixed.
Ethereal is vulnerable to a format string bug in its SOCKS code and to a heap buffer overflow in its NTLMSSP code.
The sample exploit requires a valid user account and password, and overflows a string in the pop_msg() function to give the user "mail" group privileges and a shell on the system. Since the Qvsnprintf function is used elsewhere in qpopper, additional exploits may be possible.
Buffer overflow and race condition vulnerabilities have been fixed. These vulnerabilities may lead to remote root compromise.
This bug can be exploited remotely by an attacker to stop the use of tcpdump for analyzing network traffic for signs of security breaches or the like. Another bug may lead to system compromise due to the handling of malformed NFS packets sent by an attacker.
This buffer overflow can be exploited by a local user, if the printer system is set up correctly, to gain root privileges. lprold is installed as a default package and has the setuid bit set.
Updated Sendmail packages are available to fix a vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message.
A security weakness known as the "Vaudenay timing attack on CBC" has been found.
Under some special circumstances a buffer overflow can be triggered in mod_php4's wordwrap() function.
Some SQL-injection vulnerabilities were found in IMP 2.x that allow an attacker to access the underlying database.
An attacker with CVS read access can compromise a CVS server. Additionally, two features ('Update-prog' and 'Checkin-prog') were disabled to stop clients with write access from executing arbitrary code on the server.
The ISC (Internet Software Consortium) dhcp package is an implementation of the Dynamic Host Configuration Protocol (DHCP).
Remote attackers can insert certain characters in CGI queries to the susehelp system tricking it into executing arbitrary code as the "wwwrun" user.
Due to a wrong calculation of some loop offset values, a buffer overflow can occur.
Within the MySQL server, the password checking and a signedness issue have been fixed.
There are several security issues with CUPS that can lead to local and remote root compromise.
Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise.